CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet
CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being…
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted…
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain…
Manufacturing Sector Under Fire From Microsoft Credential Thieves
The emails impersonate well-known companies in the industry, fooling the victim into thinking they are communicating with a legitimate entity.…
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw…
Hitachi Energy Vulnerabilities Plague SCADA Power Systems
The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity. The company has…
Why LLMs Are Just the Tip of the AI Security Iceberg
With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security…
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware…
Matthew Green on Telegram’s Encryption
Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not. Matthew Green wrote a…
Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
LLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering. LLM automation tools…
